WCF Authentication using basicHttpBinding and custom UserNamePasswordValidator

Question

My first question is, is it even possible to use a custom UserNamePasswordValidor with basicHttpBinding?

I have a asp.net web site using Forms authentication and a custom membership provider. I realise that I could use the built in System.Web.ApplicationServices.AuthenticationService to authenticate my client (a WPF app) but I don't want two service calls (one for auth service, one for logic).

So it seems that a custom UserNamePasswordValidator would be perfect for the job. In my client I can then have:

        var service = new MyServiceClient();
        service.ClientCredentials.UserName.UserName = "username";
        service.ClientCredentials.UserName.Password = "password";

        MessageBox.Show(service.SayHello());

I've seen this working with wsHttpBinding but ideally would like to test without an SSL certificate.

Alternatively, is it possible to make use of the AuthenticationService from within another WCF service?

To clarify what I mean above regarding authentication service, I don't want to have 2 service calls i.e:

            if (authService.Login("username", "password"))
            // then call my service

I know this a minor thing but the external developer of the client app is expecting just one service that takes the credentials and returns the required data.

Thanks, Ben

Answer 1

Hello,

check ClearUserName binding: http://webservices20.blogspot.com/2008/11/introducing-wcf-clearusernamebinding.html It should solve your problem.

Best regards, Ladislav